change SecurityNetty4Transport to depend on RemoteClusterAuthenticationService

slobodanadamovic · slobodanadamovic · commit 9d5d6b3a9bf0 · 2025-09-05T21:58:16.000+02:00
diff --git a/x-pack/plugin/security/src/main/java/org/elasticsearch/xpack/core/security/transport/netty4/SecurityNetty4Transport.java b/x-pack/plugin/security/src/main/java/org/elasticsearch/xpack/core/security/transport/netty4/SecurityNetty4Transport.java
@@ -47,7 +47,7 @@
 import org.elasticsearch.xpack.core.security.transport.SecurityTransportExceptionHandler;
 import org.elasticsearch.xpack.core.ssl.SSLService;
 import org.elasticsearch.xpack.core.ssl.SslProfile;
-import org.elasticsearch.xpack.security.authc.CrossClusterAccessAuthenticationService;
+import org.elasticsearch.xpack.security.authc.RemoteClusterAuthenticationService;
 
 import java.net.InetSocketAddress;
 import java.net.SocketAddress;
@@ -79,7 +79,7 @@ public class SecurityNetty4Transport extends Netty4Transport {
     private final boolean remoteClusterServerSslEnabled;
     private final SslProfile remoteClusterClientSslProfile;
     private final RemoteClusterClientBootstrapOptions remoteClusterClientBootstrapOptions;
-    private final CrossClusterAccessAuthenticationService crossClusterAccessAuthenticationService;
+    private final RemoteClusterAuthenticationService remoteClusterAuthenticationService;
 
     public SecurityNetty4Transport(
         final Settings settings,
@@ -91,7 +91,7 @@ public SecurityNetty4Transport(
         final CircuitBreakerService circuitBreakerService,
         final SSLService sslService,
         final SharedGroupFactory sharedGroupFactory,
-        final CrossClusterAccessAuthenticationService crossClusterAccessAuthenticationService
+        final RemoteClusterAuthenticationService remoteClusterAuthenticationService
     ) {
         super(
             settings,
@@ -103,7 +103,7 @@ public SecurityNetty4Transport(
             circuitBreakerService,
             sharedGroupFactory
         );
-        this.crossClusterAccessAuthenticationService = crossClusterAccessAuthenticationService;
+        this.remoteClusterAuthenticationService = remoteClusterAuthenticationService;
         this.exceptionHandler = new SecurityTransportExceptionHandler(logger, lifecycle, (c, e) -> super.onException(c, e));
         this.sslService = sslService;
         this.transportSslEnabled = XPackSettings.TRANSPORT_SSL_ENABLED.get(settings);
@@ -180,7 +180,7 @@ protected void headerReceived(Header header) {
                         channel.config().setAutoRead(false);
                         // this prevents thread-context changes to propagate beyond the validation, as netty worker threads are reused
                         try (ThreadContext.StoredContext ignore = threadPool.getThreadContext().newStoredContext()) {
-                            crossClusterAccessAuthenticationService.tryAuthenticate(
+                            remoteClusterAuthenticationService.tryAuthenticate(
                                 header.getRequestHeaders(),
                                 ActionListener.runAfter(ActionListener.wrap(aVoid -> {
                                     // authn is successful -> NOOP (the complete request will be subsequently authn & authz & audited)
